Vulnerability Details CVE-2022-41604
Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.9%
CVSS Severity
CVSS v3 Score 8.8
References
- https://github.com/Wh04m1001/ZoneAlarmEoP
- https://www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security/
- https://www.zonealarm.com/software/extreme-security/release-history
- https://github.com/Wh04m1001/ZoneAlarmEoP
- https://www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security/
- https://www.zonealarm.com/software/extreme-security/release-history
Products affected by CVE-2022-41604
-
cpe:2.3:a:checkpoint:zonealarm:-
-
cpe:2.3:a:checkpoint:zonealarm:10.2.068.000
-
cpe:2.3:a:checkpoint:zonealarm:10.2.072.000
-
cpe:2.3:a:checkpoint:zonealarm:10.2.073.000
-
cpe:2.3:a:checkpoint:zonealarm:10.2.074.000
-
cpe:2.3:a:checkpoint:zonealarm:10.2.078.000
-
cpe:2.3:a:checkpoint:zonealarm:11.0.000.018
-
cpe:2.3:a:checkpoint:zonealarm:11.0.000.020
-
cpe:2.3:a:checkpoint:zonealarm:11.0.000.038
-
cpe:2.3:a:checkpoint:zonealarm:11.0.000.054
-
cpe:2.3:a:checkpoint:zonealarm:11.0.000.057
-
cpe:2.3:a:checkpoint:zonealarm:11.0.000.504
-
cpe:2.3:a:checkpoint:zonealarm:11.0.768.000
-
cpe:2.3:a:checkpoint:zonealarm:11.0.780.000
-
cpe:2.3:a:checkpoint:zonealarm:12.0.104.000
-
cpe:2.3:a:checkpoint:zonealarm:12.0.118.000
-
cpe:2.3:a:checkpoint:zonealarm:13.0.208.000
-
cpe:2.3:a:checkpoint:zonealarm:13.1.211.000
-
cpe:2.3:a:checkpoint:zonealarm:13.2.015.000
-
cpe:2.3:a:checkpoint:zonealarm:13.3.052.000
-
cpe:2.3:a:checkpoint:zonealarm:13.3.209.000
-
cpe:2.3:a:checkpoint:zonealarm:14.0.157.000
-
cpe:2.3:a:checkpoint:zonealarm:14.0.508.000
-
cpe:2.3:a:checkpoint:zonealarm:14.0.522.000
-
cpe:2.3:a:checkpoint:zonealarm:14.1.011.000
-
cpe:2.3:a:checkpoint:zonealarm:14.1.048.000
-
cpe:2.3:a:checkpoint:zonealarm:14.1.057.000
-
cpe:2.3:a:checkpoint:zonealarm:14.2.255.000
-
cpe:2.3:a:checkpoint:zonealarm:14.3.119.000
-
cpe:2.3:a:checkpoint:zonealarm:15.0.123.17051
-
cpe:2.3:a:checkpoint:zonealarm:15.0.139.17085
-
cpe:2.3:a:checkpoint:zonealarm:15.0.156.17126
-
cpe:2.3:a:checkpoint:zonealarm:15.0.159.17147
-
cpe:2.3:a:checkpoint:zonealarm:15.1.501.17249
-
cpe:2.3:a:checkpoint:zonealarm:15.1.522.17528
-
cpe:2.3:a:checkpoint:zonealarm:15.2.053.17581
-
cpe:2.3:a:checkpoint:zonealarm:15.3.060.17669
-
cpe:2.3:a:checkpoint:zonealarm:15.3.064.17729
-
cpe:2.3:a:checkpoint:zonealarm:15.4.062
-
cpe:2.3:a:checkpoint:zonealarm:15.4.062.17802
-
cpe:2.3:a:checkpoint:zonealarm:15.8.139.18543
-
cpe:2.3:a:checkpoint:zonealarm:15.8.200.19118
-
cpe:2.3:a:checkpoint:zonealarm:5.0.63.0
-
cpe:2.3:a:checkpoint:zonealarm:6.1.744.001
-
cpe:2.3:a:checkpoint:zonealarm:7.0.337.0